Jump to: navigation, search

Multi-Realm Keystone

Revision as of 19:29, 25 January 2012 by Kevin (talk)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Multi-realm Keystone

Introduction

Currently, in order to make use of a given OpenStack service—when Keystone is in use—, a token issued by Keystone must be presented in the request. This falls short of the federation goal, where a customer running an OpenStack instance could issue a request to a contracted service provider also running OpenStack, using their existing authentication tokens. In this proposal, I put forward a mechanism by which this federation can be accomplished, along with a terminology that can help simplify future discussions.

The “Realm”

Retrieved from "https://wiki.openstack.org/w/index.php?title=Multi-Realm_Keystone&oldid=4406"